Skip to content

Switch Ownership Role

Privacera supports switching the ownership role for Snowflake resources managed through the Snowflake connector. This feature allows you to change the ownership of Snowflake resources—such as databases, schemas, and tables—to a designated role. This can help in better managing access control and permissions.

The ownership role is typically set to the same username as the Snowflake server user configured for integration.

Warning

If the Warehouses to manage access control policies and Databases to manage access control policies fields are left empty, the configuration will apply to all warehouses and databases, and their ownership will be changed to the specified role.

Configure

Replace <RESOURCE_OWNER> with your actual value.

  1. Navigate to SettingsApplications in the Self-Managed Portal.

  2. From the list of Connected Applications, select Snowflake.

  3. Click on the application name or the icon to edit. Then, go to the Access Management tab and select the BASIC tab.

  4. Under the ADVANCED tab, enter the value in the following field:

    • Snowflake resource owner: <RESOURCE_OWNER>

  5. Click SAVE to apply the changes.

  1. SSH to the instance where Privacera Manager is installed.

  2. Run the following command to open the .yml file to be edited.

    If you have multiple connectors, then replace instance1 with the appropriate connector instance name.

    Bash
    1
    vi ~/privacera/privacera-manager/config/custom-vars/connectors/snowflake/instance1/vars.connector.snowflake.yml

  3. Add or update the following property to specify the ownership role:

    YAML
    1
    CONNECTOR_SNOWFLAKE_OWNER_ROLE: "<RESOURCE_OWNER>"

  4. Once the properties are configured, run the following commands to update your Privacera Manager platform instance:

    Step 1 - Setup which generates the helm charts. This step usually takes few minutes.

    Bash
    1
2
    cd ~/privacera/privacera-manager
./privacera-manager.sh setup
    Step 2 - Apply the Privacera Manager helm charts.
    Bash
    1
2
    cd ~/privacera/privacera-manager
./pm_with_helm.sh upgrade
    Step 3 - Post-installation step which generates Plugin tar ball, updates Route 53 DNS and so on.

    Bash
    1
2
    cd ~/privacera/privacera-manager
./privacera-manager.sh post-install

  1. In PrivaceraCloud portal, navigate to Settings -> Applications.

  2. On the Connected Applications screen, select Snowflake.

  3. Click on the icon or the Account Name to modify the settings.

  4. On the Edit Application screen, go to Access Management.

  5. Under the BASIC tab, enter the value in the following field:

    • Snowflake resource owner: <RESOURCE_OWNER>

  6. Click SAVE to apply the changes.

Comments